Top Ten Cyber Security Threats
SQL (Structured Query Language) Injection What is SQL Injection SQL injection, also known as SQLI, is a common attack vector that uses malicious SQL code for backend database manipulation to access information that was not intended to be displayed.
Cross site scripting (XSS) is a common attack vector that injects malicious code into a vulnerable web application. XSS differs from other web attack vectors (e.g., SQL injections), in that it does not directly target the application itself.
MiTM attacks pose a serious threat to online security because they give the attacker the ability to capture and manipulate sensitive information in real-time. The attack is a type of eavesdropping in which the entire conversation is controlled by the attacker.
“Malware” refers to various forms of harmful software, such as viruses and ransomware. Once malware is in your computer, it can wreak all sorts of havoc, from taking control of your machine, to monitoring your actions and keystrokes, to silently sending all sorts of confidential data from your computer or network to the attacker's home base.
A denial-of-service (DoS) is any type of attack where the attackers (hackers) attempt to prevent legitimate users from accessing the service. In a DoS attack, the attacker usually sends excessive messages asking the network or server to authenticate requests that have invalid return addresses.
Spear phishing is an email-spoofing attack that targets a specific organization or individual, seeking unauthorized access to sensitive information. Spear-phishing attempts are not typically initiated by random hackers, but are more likely to be conducted by perpetrators out for financial gain, trade secrets or military information.
Whaling emerges as major cybersecurity threat Fraudsters are using legitimate executive names and email addresses to dupe unsuspecting employees to wire money or sensitive documents to their accounts. The CTO of the Boston Celtics, for one, is fighting back.
A dictionary attack is similar to a brute force attack. It would try words in a dictionary or would ‘scan’ a list of average passwords, instead of trying all possible ones. You would be surprised how effective a dictionary attack may be. A large number of people use passwords that are common and easy to break. Brute Force Attacks and Online Services. As pointed out by HowToGeek, online and offline brute attacks are different.